TrakStok Logo TrakStok

Privacy Policy

Last updated: 21/02/2026

GDPR Compliant

1. Introduction

TrakStok ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our inventory management platform and related services (the "Service").

This Privacy Policy is designed to comply with the General Data Protection Regulation (GDPR) (EU) 2016/679, the ePrivacy Directive 2002/58/EC, and other applicable data protection laws. We are committed to ensuring that your privacy is protected.

By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our policies and practices, please do not use our Service.

2. Data Controller Information

For the purposes of applicable data protection laws, including the GDPR, TrakStok is the data controller responsible for your personal data.

Data Controller:

TrakStok

Email: admin@trakstok.com

3. Legal Basis for Processing (GDPR Article 6)

Under the GDPR, we process your personal data based on one or more of the following legal bases:

Contract Performance (Article 6(1)(b))

Processing necessary to provide you with our Service and fulfill our contractual obligations to you.

Consent (Article 6(1)(a))

Where you have given explicit consent for specific processing activities, such as marketing communications.

Legitimate Interests (Article 6(1)(f))

Processing necessary for our legitimate business interests, such as improving our Service and preventing fraud.

Legal Obligation (Article 6(1)(c))

Processing necessary to comply with legal obligations, such as tax and accounting requirements.

4. Information We Collect

4.1 Information You Provide Directly

  • Account Information: Name, email address, password (hashed), and profile details
  • Organization Data: Organization name, business details, and team member information
  • Product and Inventory Data: Product names, descriptions, SKUs, quantities, pricing, and custom fields
  • Payment Information: Billing address and payment method details (processed securely by our payment providers)
  • Communications: Correspondence when you contact us for support or feedback

4.2 Information Collected Automatically

  • Device Information: Device type, operating system, browser type and version
  • Log Data: IP address, access times, pages viewed, and actions taken within the Service
  • Usage Data: Features used, session duration, and interaction patterns
  • Location Data: General geographic location based on IP address (country/region level)

4.3 Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance your experience. For detailed information about our use of cookies, please see Section 9 below.

5. How We Use Your Information

We use the information we collect for the following purposes:

5.1 Service Provision and Improvement

  • Provide, maintain, and operate our Service
  • Process transactions and manage your account
  • Personalize your experience and provide tailored features
  • Analyze usage patterns to improve our Service
  • Develop new features and functionality

5.2 Communication

  • Send transactional emails (account confirmations, password resets, etc.)
  • Respond to your inquiries and support requests
  • Send important service announcements and updates
  • Send marketing communications (with your consent)

5.3 Security and Legal Compliance

  • Detect, prevent, and address technical issues and security threats
  • Protect against fraudulent, unauthorized, or illegal activity
  • Enforce our Terms of Service and other policies
  • Comply with legal obligations and respond to lawful requests

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

6.1 Service Providers

We engage trusted third-party service providers to perform functions on our behalf, including:

  • Cloud hosting and infrastructure (data storage and processing)
  • Payment processing (billing and transactions)
  • Email delivery services (transactional and marketing emails)
  • Analytics services (usage analysis and improvement)
  • Customer support tools

These providers are contractually bound to protect your data and process it only as instructed by us (Data Processing Agreements in compliance with GDPR Article 28).

6.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, government agencies).

6.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you of any such change.

6.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

7. International Data Transfers

Your information may be transferred to and processed in countries outside of the European Economic Area (EEA). When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place in accordance with GDPR requirements:

  • Adequacy Decisions: Transfers to countries recognized by the European Commission as providing adequate protection
  • Standard Contractual Clauses (SCCs): EU-approved contractual terms that provide appropriate safeguards
  • Binding Corporate Rules: Where applicable, approved internal rules for intra-group transfers

You may request a copy of the safeguards we use by contacting us at the email address below.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements.

Account Data Duration of account + 30 days after deletion
Product/Inventory Data Duration of account + 30 days after deletion
Activity Logs Up to 24 months
Payment Records 7 years (legal requirement)
Marketing Preferences Until consent is withdrawn

9. Cookies and Tracking Technologies

We use cookies and similar technologies in accordance with the ePrivacy Directive and GDPR requirements.

9.1 Types of Cookies We Use

Essential Cookies (Strictly Necessary)

Required for the Service to function. These cannot be disabled as they are necessary for authentication, security, and basic functionality.

Preference Cookies (Functional)

Remember your preferences such as language, theme, and display settings.

Analytics Cookies (Performance)

Help us understand how visitors interact with the Service by collecting and reporting anonymous information.

9.2 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. However, disabling cookies may affect the functionality of our Service. For more information, visit www.allaboutcookies.org.

10. Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR), if you are a resident of the European Union or European Economic Area, you have the following rights regarding your personal data:

Right of Access (Article 15)

You have the right to obtain confirmation as to whether your personal data is being processed and, if so, access to that data along with certain information about how it is processed.

Right to Rectification (Article 16)

You have the right to have inaccurate personal data corrected and incomplete personal data completed.

Right to Erasure / "Right to be Forgotten" (Article 17)

You have the right to request the deletion of your personal data in certain circumstances, such as when the data is no longer necessary for its original purpose.

Right to Restriction of Processing (Article 18)

You have the right to request restriction of processing of your personal data in certain circumstances.

Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.

Right to Object (Article 21)

You have the right to object to the processing of your personal data, including for direct marketing purposes. We will stop processing unless we demonstrate compelling legitimate grounds.

Right to Withdraw Consent (Article 7)

Where processing is based on consent, you have the right to withdraw that consent at any time. This does not affect the lawfulness of processing before withdrawal.

Right Not to be Subject to Automated Decision-Making (Article 22)

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal or similarly significant effects.

How to Exercise Your Rights

To exercise any of these rights, please contact us at admin@trakstok.com. We will respond to your request within 30 days. We may ask you to verify your identity before processing your request.

Right to Lodge a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. You can do this in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, in accordance with GDPR Article 32. These measures include:

  • Encryption: Data encrypted in transit (TLS/SSL) and at rest
  • Access Controls: Role-based access controls and authentication mechanisms
  • Security Monitoring: Continuous monitoring for security threats and vulnerabilities
  • Regular Backups: Automated backups with secure storage
  • Employee Training: Regular security awareness training for team members
  • Incident Response: Documented procedures for handling security incidents

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required, notify affected individuals without undue delay.

12. Data Protection Contact

For any questions or concerns regarding data protection, or to exercise your data protection rights, please contact us:

Data Protection Contact

TrakStok

Email: admin@trakstok.com

13. Children's Privacy

Our Service is not directed to individuals under the age of 16 (or 13 in the United States with parental consent). We do not knowingly collect personal data from children under these ages. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.

If we become aware that we have collected personal data from a child without appropriate parental consent, we will take steps to delete that information as quickly as possible.

14. Third-Party Links and Services

Our Service may contain links to third-party websites or services that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last updated" date at the top of this policy
  • Sending you an email notification for significant changes

We encourage you to review this Privacy Policy periodically for any changes. Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

16. Contact Us

If you have any questions about this Privacy Policy, your personal data, or wish to exercise your data protection rights, please contact us:

TrakStok

Email: admin@trakstok.com

We aim to respond to all privacy-related inquiries within 30 days.